If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

[Script] thad0ctor's backtrack 5 toolkit

I'm pretty new here and about as new to Linux and Backtrack but I'll really thrilled to hopefully become a contributing member of the community.

In order to learn about bash scripting and the inner-workings of Backtrack, I decided to go ahead and write a script to get a hang of things. This is what I came up with!

There are plenty of word list tools out there, many of them superb resources, but some lacked the tools I needed to create a wide variety of possible passwords in order to Pentest and secure networks. I decided it would be best to take ideas and concepts from other tools and mix them with some of my own creations to create an in depth tool to create potential passwords to pentest a network. Basically, the premise of my toolkit is if you can use the script to create a word list that contains your password, you should probably change your password.

I did the best to make the script as user friendly as possible but it is still in a beta phase and there very well could be errors. Some features currently don't work flawlessy, for instance using special characters to generate lis, but for the most part it is a solid tool. Most notably the script features an update feature that can be configured to auto-update, further customizations and tools, and an interactive GTK promt system for most features if you prefer to streamline your operation and avoid command line.

Attached is the script, the readme and the change log. I will be releasing additional versions as I get the oppurtunity to update the script and add more features. If you are not registered on this forum please feel free to download the script from my newly created Sourceforge account where you can always find the most up to date version of the script, submit tickets, and pull versions directly from the git/svn. Once I get more time I will be updating this thread, the Sourceforge page and the script itself. In addition to the Word List Toolkit I will also be working on another script to simplify some Wifi attack related functions to further streamline network penetration tests although I have yet to release a beta for it because I am currently unhappy with its current state.

------------------------------------
| Thad0ctor's Word List Toolkit |
------------------------------------
| |
| version #: v1.4 |
| |
| created by: thad0ctor |
| |
| created on: 24-Jul-12 |
| |
| created for: Backtrack 5R2 |
| |
------------------------------------
--------------------------|Background|-----------------------------
-Recently my interest in network security and pen-testing has been
increasing and with that my so has curiosity about the tools and
functionality of the Backtrack Linux Distro. To best understand
Backtrack it is essential to have a solid grasp of bash scripting.
That being said, in order to best learn the ins and outs of shell
scripting and the critical functions that drive Backtrack I
decided to create this script to serve both as a learning
experience for me and as a valuable tool for others looking to
secure their networks.
-This script was created due to a lot of hard work and free time
while serving on a deployment in Afghanistan. If you enjoy this
script and want to support it do not hesitate to donate, thanks!
------------------------|Special Thanks|---------------------------
-This script would have never been possible without the examples
inspiration and 3rd Party tools provided by:
- Tape's Wordlist Manipulator and Datelist
- Middle's Wordlister
- Purehate's Wordlist Tools
- slydgotcha and his word list manipulator
-All these a great scripts that come highly reccomended and are
surely essentials for anyone trying to streamline their use of
wordlists. The authors have my highest praise and thanks!
-------------------------|Requirements|----------------------------
-This scripts requires Backtrack 5 Linux based on Ubuntu, although
it has not been tested on other DISTROS it could work
with the proper configuration
-In order to run this script you will need the following programs:
-zenity
-policygen
-crunch
-find
-cat
-sed
-grep
-pyrit (for the benchmarks)
-aircack-ng (for the benchmarks)
-pdftotext
-cewl.rb
-cupp.py
-dictstat.py
-maskgen.py
-policygen.py
-unzip
-awk
-tr
-wc
-paste
-rev
-gnome-terminal
-nautilus
-file
-wget
-xmlstarlet
-script
-System wise I would recommend a minimum of a dual core setup with
2 GB of RAM in addition to at least 50 GB of HDD space if
you plan on making some word lists.
--------------------------|FAQ / Usage|----------------------------
Q: What is all this Both / GTK / CLI / PT stuff I see in the menus?
A: What you are seeing is info that describes the special features
of the tools of the script. GTK denotes that the function
has GUI prompts while CLI means the function is command
line only. Both means the function has both prompts or CLI
features depending on how the script is configured. PT
means that that feature of the script has the ability to
passthrough its word list output to a cracking program so
you do not have to create a large word list. Whether or
not this happens depends on how the script is configured.
Q: How do I toggle between the CLI and GTK versions of the script/
A: Most of the script's menus have a function (T/t) that allows you
to toggle between the two versions of the script but you
can also force the script to a certain version in the
configuration menu to prevent the prompt that appears every
time you run the script.
Q: How do I use the passthrough attack feature?
A: Since v0.6 there are two ways you can use the attack passthrough
feature for certain functions of the script. If you prefer
to manually update the settings you can open up the script
itself (LAUNCH_TOOLKIT.sh) and update lines 41 and 44 with
the essid and capture file of the network you would like to
attack. Or, you can edit the settings directly from the
configuration menu while running the script. Currently
this feature doesn't have a GTK feature to facilitate the
configuration.
Q: What is the deal with the debug info?
A: The debug info (although not fully implemented yet) is designed
to help troubleshoot potential user issues by allowing them
to compare their log files and debug information to a set
standard online to ensure they have the newest, un-adultered
version of the script.
Q: Where can I find the latest version of this script and discuss
any issues and or ideas pertaining to the script?
A: I do my best to update and post to my thread on the Backtrack
forums at:
www.backtrack-linux.org/forums/showthread.php?t=49222
or at the script Sourceforge:
https://sourceforge.net/projects/thad0ctorstools
--------------------------|Disclaimer|-----------------------------
-This script is not to be used for any illegal activities. It was
designed with the premise of securing your own personal networks.
If any of the tools on this script were able to generate passwords
that you use I would highly suggest you create a new, more complex
password to secure your networks.
-The author of this script is in no way responsible for any misuse
of this script or damage resulting from the use of this script.
-------------------------|Contact Info|----------------------------
-If you have any suggestions, comments, bugs to report, questions
or concerns about this script feel free to get in touch with me at
thad0ctor at overclocked dot net.
-I'm working on setting up a blog in addition to a SVN repository
to provide automatic updates of this script in addition to a place
for users to come voice their opinions, check out other resources
and even learn about other security topics. Granted, I am not an
expert at Linux or network security but I assure you, as I learn
more so will you!
-------------------------------------------------------------------

Re: Script: thad0ctor's word list toolkit v0.5 ( RELEASED!)

-|Partial Change Log|-

Code:

-----------------------------| Change Log |------------------------------
----------------------------| Version: v1.4 |----------------------------
+ The script has now officially become "thad0ctor's backtrack 5 toolkit"!
+ Added a function to display the Sourceforge Delevopment RSS Feed from
the information menu and updated the dependencies accordingly
+ Added a quick internet check to the start of the script (see banner)
and intergrated that with a little notification on the main menu
to show whether or not the version of the script you are using is
up to date or not and whether or not you have internet
+ Reworked the menu system to make it a better looking and more compact
+ Added a function from the information menu that shows just the changes
from the last version of the script
+ Added some basic Wifi attack based tools and utilities, more to come
+ Updated the menu system to compartamentalize the word list tools and
added an entry for the wifi tools to the main menu
+ Added banners to each menu entry to make things look better and for a
little self promotion ;)
+ Added feature to display the most recent RSS feed news entry to the
top of the main menu and the ability to toggle it off
+ Cleaned up the main script file and sourced all functions to their own
individual scripts nested in orders to make editing and reverse
engineering the script easier and generally neater
+ Added the script's supporting documents to their own folder to clean
up the script's file directory
+ Updated the logging function so it now logs user input as well
+ Added GTK functions for the pipal and dictstat analyzation tools
+ Added new banners to the script start up to reflect the script's name
change to "thad0ctor's backtrack 5 toolkit"
----------------------------| Version: v1.35 |---------------------------
+ Added dependency check to see if the newest version of crunch is
installed on your system
+ Added dependency checks for some dependencies that slipped through
the cracks
+ Fixed issue with configure functions and the GTK toggle not working
properly
+ Tweaked the main menu to make it look a bit better
+ Fixed a bug with the dependency checks that caused some not to be
installed even if they were missing
----------------------------| Version: v1.3 |----------------------------
+ Added the ability to toggle on and off the banner on script start up
+ Fixed some issues with the configure utility and made it so some of
its functions are no longer case sensitive in addition to
eliminating the possibility of misconfiguring certain items and
making it generally more user friendly
+ Added dependency checks and the installation of missing dependencies
to the first run of the script
+ Added the ability to force dependency checks even after the first run
+ Added the ability to convert the numbers of a word list into their
word equivelant
+ Added ATT Mifi wireless hotspots to the list of default passwords
(I highly suggest you only use the passthrough for this feature)
+ Added the ability to install the script so you can run it from any
terminal by typing "thad0ctor"
+ Added a feature that removes 's and version info from the script directory
in order to properly install the script and provide continuity for
future releases when utilizing the install feature
+ Added the ability to create word lists from an ebook file
(requires: Calibre)
+ Added the ability to batch convert multiple PDFs and Ebooks into a
word list (requires: Calibre)
+ Fixed some manipulation tools so they have y/n prompts before they go
ahead and create / modify word lists
+ Added a feature that installs a shortcut and icon to run the script
from the Applications > Other menu
+ Made many sed based features i.e. replace, insert etc. so you can now
edit files in place or create a new file
----------------------------| Version: v1.2 |----------------------------
+ Updated TAPE's Datelist and Word List Manipulator to their most recent
versions and updated functions to reflect new features
+ Fixed issue when using 3rd party scripts and the conigured color not
returning to the terminal after use
+ Fixed issue with the updater when a failed internet connection did not
reroute the use back to the main menu
+ Fixed the wordify function to adjust for prefixes added via TAPE's
datelist
+ Cleaned up and compartamentalized the menu system in an attempt to make
it more user friendly
----------------------------| Version: v1.1 |----------------------------
+ Fixed some of the wording with the Phone and Social creation functions
regarding the movement and deletion of existing .lst files
+ Fixed some default settings not being default
+ Added checks that show which word lists would be removed / moved for
the SSN and Phone Number functions
+ Added the ability to create a word list with a customizeable random
pattern (limit the amount of consecutive characters, limit the
number of instances of all characters, specify min and max length)
----------------------------| Version: v1.0 |----------------------------
+ Added the ability to append / prefix a sequence of numbers to the lines
of a word list
+ Added the ability to append / prefix characters to the words of a word
list
---------------------------| Version: v0.95 |----------------------------
+ Added UPDATER.sh in an attempt to fix overwrite issues associated with
the update / auto-update feature
---------------------------| Version: v0.9 |-----------------------------
+ Added the ability to remove lines from a word list that contain a
certain string of text (meet a pattern)
+ Added the ability to search a word list for instances of strings of text
+ Added the ability to create a word list from file names and folders
+ Added the ability to double up the lines of a word list
---------------------------| Version: v0.85 |----------------------------
+ Added a working update feature based off of git
+ Added a toggle-able auto-update feature when the script starts
(accessible from the script's config menu)
---------------------------| Version: v0.8 |-----------------------------
+ Added the ability to invert the character cases of a word list
+ Added the ability to create a word list from a PDF file
+ Added the ability to remove non-ASCII characters from a word list
+ Added the ability to convert most non-ASCII word lists to ASCII
+ Added the ability to reverse the character order of the lines
of a word list
+ Added the ability to mirror the words of a word list
+ Added the ability to manipulate a single word into a word list with
slydgotcha's Single Word Manipulation Tool
+ Added the ability to remove blank and commented lines from word lists
---------------------------| Version: v0.7 |-----------------------------
+ Fixed some errors with commands pointing in the wrong places
+ Added random appearing banners to the start of the script
+ Added the ability to custom 1337ify a word list
+ Added a function to carry over settings like GTK to dependencies
+ Added the ability to convert uppercase characters in a word list
to lowercase characters and vice versa
+ Added the ability to insert characters at X point within a word list
---------------------------| Version: v0.6 |-----------------------------
+ Added passthrough attacks for several word list creation functions
+ Added the ability to configure the passthrough attacks
+ Added default password algorythms for SKY, Thomson, Plusnet, and
KooBrick routers
+ Added the ability to mangle word lists with John the Ripper's rules
+ Added the ability to prefix / append a string of text to a word list

Re: Script: thad0ctor's word list toolkit v0.5 ( RELEASED!)

Just a little update,

I should be updating the script to version 0.6 today which has some new features, most notably passthrough attacks for some existing features as well as some manipulation tools to supplement those of Tape's Word List Manipulator. In addition I'll be updating the OP with the script's sourceforge link as soon as I finish posting this. Hopefully the new version will be up within the next 8 hours, it just depends on how much I want to add before that point.

Re: Script: thad0ctor's word list toolkit v0.5 ( RELEASED!)

Good news, I just updated the script to verison 0.6. It doesn't have as many changes as I wanted it to have but it is certainly an improvement. Please let me nkow if anyone finds some issues with it and I will be glad to fix them!

Re: Script: thad0ctor's word list toolkit v0.5 ( RELEASED!)

I just updated the script to v0.7 in order to avoid people experiencing the errors associated with v0.6. In addition I added several new manipulation features, namely the ability to custom 1337ify a word list.

Re: Script: thad0ctor's word list toolkit v0.5 ( RELEASED!)

I just wanted to let everyone know that I updated the script with the following new features in addition to some fixes. Here are the additions to the script (from the change log):

+ Added the ability to invert the character cases of a word list
+ Added the ability to create a word list from a PDF file
+ Added the ability to remove non-ASCII characters from a word list
+ Added the ability to convert most non-ASCII word lists to ASCII
+ Added the ability to reverse the character order of the lines
of a word list
+ Added the ability to mirror the words of a word list
+ Added the ability to manipulate a single word into a word list with
slydgotcha's Single Word Manipulation Tool
+ Added the ability to remove blank and commented lines from word lists

Re: Script: thad0ctor's word list toolkit v0.5 ( RELEASED!)

@thad0ctor this is a great script, I always liked pure_hate's wordlist script, but yours now has soo much more to it. keep up the good work.
one thing I figure I should ask, is looking on the sourceforge page, there is a "code" section which allows one to pull from git, but it doesn't look like you've set that up. it'd be really cool if you setup git/svn, or something like it.